Example: Fugue CI/CD with Regula Pre-deployment Checks
This is part 2 in a series. For part 1, see Example: Fugue CI/CD with Terraform, GitHub, CircleCI.
Fugue’s infrastructure as code (IaC) security features for repository environments are now available in closed beta. Fugue IaC security integrates with Regula to scan code files locally and in CI/CD pipelines. To request access, contact firstname.lastname@example.org.
Our example-tf-circleci-part-2 GitHub repo shows you how to add pre-deployment compliance checks to your CI/CD pipeline by integrating Regula with Fugue, Terraform, GitHub, and CircleCI.
As in part 1, the example will deploy infrastructure into your AWS account (see remotestate.tf, main.tf), and it incorporates the following components:
Regula (new in Part 2): Evaluate Terraform infrastructure-as-code for compliance
Amazon Web Services (AWS): Provide cloud infrastructure (a VPC and security group)
Terraform: Define infrastructure as code
GitHub: Store infrastructure as code in version control
CircleCI: Deploy infrastructure via Terraform and kick off Fugue scan
Fugue: Scan infrastructure for any noncompliant resources and set a new baseline
With the addition of Regula, the pipeline demonstrates end-to-end security and compliance. Regula validates resource configuration pre-deployment and Fugue ensures it stays compliant post-deployment.
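To make the pre-deployment half of that split concrete, here is an added example (not Regula's code and not taken from the example repo) of a CI gate that reads Terraform's plan JSON and fails the job before anything is applied. The rule it checks, port 22 open to the whole internet on a security group, is an assumption chosen for illustration, and the sample plan and resource names are constructed.

```python
import json
import sys

# Constructed sample: trimmed `terraform show -json` output for a plan that
# creates a VPC and a security group (names and values invented for this example).
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "aws_vpc.demo", "type": "aws_vpc",
         "change": {"actions": ["create"], "after": {"cidr_block": "10.0.0.0/16"}}},
        {"address": "aws_security_group.demo", "type": "aws_security_group",
         "change": {"actions": ["create"], "after": {"ingress": [
             {"protocol": "tcp", "from_port": 443, "to_port": 443,
              "cidr_blocks": ["10.0.0.0/16"], "ipv6_cidr_blocks": None},
             {"protocol": "tcp", "from_port": 0, "to_port": 1024,
              "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": None},
         ]}}},
        {"address": "aws_security_group.old", "type": "aws_security_group",
         "change": {"actions": ["delete"], "after": None}},
    ]
}

WORLD = {"0.0.0.0/0", "::/0"}


def covers(rule, port):
    """True if the ingress rule admits TCP traffic to `port`."""
    proto = str(rule.get("protocol"))
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto not in ("tcp", "6"):
        return False
    return (rule.get("from_port") or 0) <= port <= (rule.get("to_port") or 0)


def find_violations(plan, port=22):
    """Return (address, cidr) for each planned rule exposing `port` to the internet."""
    hits = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_security_group":
            continue
        after = rc.get("change", {}).get("after") or {}  # null when deleting
        for rule in after.get("ingress") or []:
            cidrs = (rule.get("cidr_blocks") or []) + (rule.get("ipv6_cidr_blocks") or [])
            hits += [(rc["address"], c) for c in cidrs if c in WORLD and covers(rule, port)]
    return hits


if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    violations = find_violations(plan)
    for address, cidr in violations:
        print(f"FAIL {address}: port 22 open to {cidr}")
    sys.exit(1 if violations else 0)  # non-zero exit fails the CI job before apply
```

In a pipeline, the input would be the output of `terraform show -json` run against a saved plan file, with the apply step placed after this check.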
Don’t forget to visit the example-tf-circleci-part-2 repo, which contains the full walkthrough and all of the code in this example.
If you missed it the first time around, check out Part 1 of this example.
And if you enjoyed this example, you might also like Example: Fugue Notifications in Slack.